Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/efzlfUWPOestKKkvUvQ4qTx8RmY.roa
File: efzlfUWPOestKKkvUvQ4qTx8RmY.roa (raw, json)
Hash identifier: FXyWJAI8C2xCX+/Q4N8bPvAe6s0oigAv/WeO/zeL+zQ=
Subject key identifier: 79:FC:E5:7D:45:8F:39:EB:2D:28:A9:2F:52:F4:38:A9:3C:7C:46:66
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F8FE954FC63B4593013E982F2F5C13A5E
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/efzlfUWPOestKKkvUvQ4qTx8RmY.roa
Signing time: Sun 19 May 2024 08:13:04 +0000
ROA not before: Sun 19 May 2024 08:13:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:8f:e9:54:fc:63:b4:59:30:13:e9:82:f2:f5:c1:3a:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 19 08:13:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=79fce57d458f39eb2d28a92f52f438a93c7c4666
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e2:ef:1b:1e:3b:6a:da:56:00:c6:6f:7e:04:
78:6d:ba:59:ed:92:31:e0:c4:30:ce:56:8c:21:12:
b2:87:00:93:c9:8f:e4:45:32:07:29:bc:e9:a6:41:
b0:e9:d1:d3:6d:0d:05:e7:0c:7e:3e:f3:b0:1f:e5:
fe:42:d8:3a:b2:6c:b9:67:fa:a2:44:7a:04:24:33:
c0:20:7c:2e:56:e1:6b:17:3a:23:53:b4:8c:6e:4c:
1d:d0:fa:e0:b9:3c:da:22:a3:69:68:ec:b8:cf:1e:
51:77:5e:90:53:3a:89:30:98:63:07:01:a1:8a:4c:
05:b0:7a:d2:0b:74:b3:14:e2:46:66:e5:8b:6f:2b:
9e:27:13:c8:d4:ce:7f:8d:ab:d4:ba:d1:8c:f7:66:
ad:a9:f4:d6:4f:8e:d0:ae:de:05:ca:91:ca:48:9e:
c2:de:6f:41:43:e4:14:f8:b8:6c:64:46:d2:cb:17:
4a:ce:2b:3f:95:1a:f6:9f:9a:6b:11:37:27:89:5f:
ae:4a:6d:e9:e3:c1:20:08:3e:25:79:e1:d2:74:66:
67:d8:b7:36:7a:f9:09:30:a7:04:05:31:e1:ed:c6:
5b:69:d3:90:82:c3:34:68:3b:ee:c0:55:88:6c:1e:
ae:41:8c:db:37:18:6b:00:7c:bc:6e:65:cc:23:97:
74:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:FC:E5:7D:45:8F:39:EB:2D:28:A9:2F:52:F4:38:A9:3C:7C:46:66
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/efzlfUWPOestKKkvUvQ4qTx8RmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3a:cb:89:16:e1:8a:8f:f9:27:8b:b3:96:a3:c9:4e:94:a0:4a:
8f:ad:3f:c9:92:62:62:f1:b3:be:91:b8:3b:7e:27:b3:cc:9b:
75:f5:4f:cc:70:69:1a:9e:60:67:15:c0:6c:a3:e8:54:76:70:
7f:c1:01:cd:30:ce:60:e6:29:55:a9:c5:2b:e8:9a:4e:fe:98:
a4:95:40:96:31:26:b2:e7:29:3c:04:7a:24:a2:63:70:dc:3e:
38:e1:2d:98:2a:f5:c3:b0:61:ab:b9:9b:20:ff:59:85:a3:d4:
71:18:8e:42:c7:53:ee:d9:19:e6:58:48:25:26:be:09:9d:d5:
b5:94:1e:cd:05:54:6e:b7:9c:76:04:3d:97:66:3c:ba:18:cb:
3f:0d:ed:f2:28:c3:49:fa:7c:82:cf:d1:b3:17:68:a3:e7:47:
83:f6:95:67:df:e8:d9:27:13:c5:c5:a0:a4:64:c0:0d:4d:e4:
b6:31:16:74:c5:af:e3:ae:4f:7a:0b:f6:f6:13:5d:f0:c7:08:
93:f1:f5:fb:5b:8f:f1:5b:a7:2f:44:06:7b:57:37:3e:aa:5d:
e9:a2:48:af:7f:5f:4a:36:f3:78:7a:c3:0d:c5:1c:65:ba:82:
5b:e5:58:7f:96:dd:d4:d6:d4:76:10:6a:8a:d9:ff:95:01:02:
d7:5d:30:c4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+P6VT8Y7RZMBPpgvL1wTpeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE5MDgxMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWZjZTU3ZDQ1OGYzOWViMmQyOGE5MmY1MmY0MzhhOTNjN2M0NjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvuLvGx47atpWAMZvfgR4bbpZ7ZIx
4MQwzlaMIRKyhwCTyY/kRTIHKbzppkGw6dHTbQ0F5wx+PvOwH+X+Qtg6smy5Z/qi
RHoEJDPAIHwuVuFrFzojU7SMbkwd0PrguTzaIqNpaOy4zx5Rd16QUzqJMJhjBwGh
ikwFsHrSC3SzFOJGZuWLbyueJxPI1M5/javUutGM92atqfTWT47Qrt4FypHKSJ7C
3m9BQ+QU+LhsZEbSyxdKzis/lRr2n5prETcniV+uSm3p48EgCD4leeHSdGZn2Lc2
evkJMKcEBTHh7cZbadOQgsM0aDvuwFWIbB6uQYzbNxhrAHy8bmXMI5d0BQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHn85X1FjznrLSipL1L0OKk8fEZmMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvZWZ6bGZVV1BPZXN0S0trdlV2UTRxVHg4Um1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADrLiRbhio/5J4uzlqPJ
TpSgSo+tP8mSYmLxs76RuDt+J7PMm3X1T8xwaRqeYGcVwGyj6FR2cH/BAc0wzmDm
KVWpxSvomk7+mKSVQJYxJrLnKTwEeiSiY3DcPjjhLZgq9cOwYau5myD/WYWj1HEY
jkLHU+7ZGeZYSCUmvgmd1bWUHs0FVG63nHYEPZdmPLoYyz8N7fIow0n6fILP0bMX
aKPnR4P2lWff6NknE8XFoKRkwA1N5LYxFnTFr+OuT3oL9vYTXfDHCJPx9ftbj/Fb
py9EBntXNz6qXemiSK9/X0o283h6ww3FHGW6glvlWH+W3dTW1HYQaorZ/5UBAtdd
MMQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:07 2024 by rpki-client on console-fra.rpki-client.org